About This Product
PSEBVC Provably Secure ECC and Biometric Based Authentication Framework Using Smartphone for Vehicular Cloud Environment
Abstract
Vehicular Cloud Environments (VCEs) enable vehicles to collaborate with cloud infrastructures to share computational, storage, and service resources. However, the sensitive nature of vehicular data and the high mobility of nodes demand robust yet efficient authentication mechanisms. This paper presents PSEBVC — a Provably Secure ECC and Biometric-Based Authentication Framework that leverages smartphones as trusted intermediaries for driver/vehicle authentication. The scheme combines lightweight Elliptic Curve Cryptography (ECC) with biometric templates securely stored and processed on the smartphone to provide two-factor, mutual authentication between vehicles and the vehicular cloud. Formal security proofs and performance evaluations demonstrate that PSEBVC resists replay, impersonation, and man-in-the-middle attacks while maintaining low computational and communication overhead suitable for real-time vehicular applications.
Existing System
Most existing authentication mechanisms for vehicular cloud services rely on either password/PIN-based credentials, certificate-based public key infrastructure (PKI), or traditional symmetric cryptography. While these approaches provide baseline security, they suffer from scalability and usability issues:
Password or PIN schemes are vulnerable to brute-force and shoulder-surfing attacks.
PKI-based systems require intensive certificate management and frequent revocations in a highly dynamic vehicular environment.
Symmetric schemes cannot guarantee non-repudiation and may become impractical at scale.
Furthermore, many solutions lack integration with user-centric trust factors such as biometrics, and few offer formal proofs of security under standard cryptographic models. Smartphones, despite their ubiquity, are often underutilized as secure, personal authentication devices in vehicular contexts. These gaps lead to insufficient identity assurance and create opportunities for unauthorized access to vehicular cloud services.
Proposed System
The PSEBVC framework integrates Elliptic Curve Cryptography (ECC) and biometric verification on a smartphone platform to create a provably secure, two-factor authentication mechanism for VCEs. The smartphone securely stores the driver’s biometric template (e.g., fingerprint or facial features) and uses on-device secure enclaves to prevent template leakage. Upon initiating a vehicular cloud session, the smartphone first verifies the driver’s biometric locally, then generates ECC-based challenge–response credentials for mutual authentication with the vehicular cloud. This process eliminates the need for transmitting raw biometric data over the network. Lightweight ECC operations ensure computational efficiency and small key sizes, making the protocol suitable for latency-sensitive vehicular applications. Additionally, PSEBVC includes a formal security model with proofs against replay, impersonation, and man-in-the-middle attacks, providing confidence in its cryptographic robustness. By using smartphones as trusted gateways, PSEBVC enhances usability, strengthens privacy, and scales seamlessly with growing vehicular cloud ecosystems.